Efficiently manage orphaned Azure resources with Citrix

Efficiently manage orphaned Azure resources with Citrix

book

Article ID: CTX573477

calendar_today

Updated On:

Description

Orphaned resources are unused resources present in the system and they can lead to unnecessary expenses. Citrix provides a detailed scanning functionality to identify orphaned resources present in the system offering administrators better ways for resource management. This feature helps in cost cutting and optimizes cloud efficiency by allowing the administrators to take further action on the identified orphaned resources.

Reasons for Orphaned Resources

Citrix recommends understanding the scenarios which generate orphaned resources before taking further action.

Possible reasons leading to orphaned resources:

  1. Customer copied Citrix resources
When the administrators create resources, such as backup snapshots, unknowingly inheriting all Citrix tags, these resources could be misidentified as orphaned resources.
  1. Citrix generated resources
The orphaned resources created by the earlier software versions might remain uncleared in the system.
  1. Citrix generated temporary snapshots
    • If the master image zone differs from the target zone.
    • If the provisioning resource group name isn't the same as the master image's resource group name.
  2. Citrix generated temporary network security groups (NSGs). During VM preparation, MCS creates NSGs with deny-all rules in Azure to isolate the VM from the network.  However, the deletion of preparing VM does not automatically remove the corresponding NSG.  Consequently, those temporary NSGs might persist within the resource group.
  3. Citrix generated temporary resources

If administrators lock a resource group to prevent the accidental deletion of the resources within, then operations like updating images cannot delete the temporary resources present in the group.


The following table lists the temporary resources that exists in the resource group:

Resource Name

Resource Type

Citrix-Deny-All-xxx

Network Security Group

Preparati-xxx

Virtual Machine

Preparati-xxx-osdisk-xxx

Disk

preparati-xxx

Network Interface

prepare-identify-xxx

Disk

prepare-identify-xxx-snapshot

Snapshot

prepare-wbc-xxx

Disk

xxx-<image name>-snapshot-xxx

Snapshot

<virtual machine>-TemporaryStorage-xxx

Disk

<virtual machine>-IdentifyDisk-xxx-snapshot

Disk

citrixxdStorage Account

 

Managing Orphaned Resources

After identifying the orphaned resources, administrators can either proceed to delete or ignore them.  Follow the below steps to perform either of the required actions.

Delete
  1. Azure portal

Navigate to the Azure portal to locate the resources using their resources IDs and delete them.

  1. Azure PowerShell

Download the orphaned resources list from the Studio and run the below script.

try {

    $cvsdata = Import-Csv -Path "<Your_CVS_File>"

    foreach ($row in $cvsdata) {

        $id = $row.id

        Write-Output("Resource Id: " + $id)

        Remove-AzResource -ResourceId $id

    }

} catch {

    Write-Output("Exception Occurred")

    Write-Host $_

}

Ignore

For the identified orphaned resources, set the "CitrixDetectIgnore" tag to "true" to ignore the resources in the next scanning for orphaned resources.

  1. Azure portal

Navigate to the Azure portal to locate the resources using their resources IDs, then manually add tag "CitrixDetectIgnore" with value "true".

  1. Azure PowerShell

$resourceId = "<Your_Resource_ID>"

$tagName = "CitrixDetectIgnore"

$tagValue = "true"

Update-AzTag -ResourceId $resourceId -Tag @{$tagName=$tagValue} -Operation Merge
 

Note:

Orphaned resource detection depends on specific Citrix tags prefixed with "Citrix", such as "CitrixProvisioningSchemeId" and "CitrixResource" etc.  For on-prem DDC, administrators must tag the existing provisioned resources with Citrix specific tags before detecting orphaned resources.

To tag the resources with Citrix PoSH, download the SetProvResourceTag.ps1 and execute “SetProvResourceTag.ps1 -MachineCatalogs Your_Catalog_List”. If you don’t provide a machine catalog list, the script will by default tag all the existing machine catalogs’ resources. The script will go through the provisioning database to identify resources currently managed by provisioning, then go to hypervisor to add necessary tags on each resource.

 

 

Environment

Citrix is not responsible for and does not endorse or accept any responsibility for the contents or your use of these third party Web sites. Citrix is providing these links to you only as a convenience, and the inclusion of any link does not imply endorsement by Citrix of the linked Web site. It is your responsibility to take precautions to ensure that whatever Web site you use is free of viruses or other harmful items.